Alberto Garcia's blog

User-mode Linux and skas0

User-mode Linux (UML) is a port of Linux to its own system call interface. In short, it’s a system that allows to run Linux inside Linux.

UML is integrated in the standard Linux tree, so it’s possible to compile an UML kernel from any recent kernel sources (using ‘make ARCH=um‘).

Traditionally, UML had a working mode which was both slow and insecure, as each process inside the UML had write access to the kernel data. This mode is known as Tracing Thread (tt mode).

A new mode was added in order to solve those issues. It was called skas (for Separate Kernel Address Space). Now the UML kernel was totally inaccessible to UML processes, resulting in a far more secure environment. In skas mode the system ran noticeably faster too.

To enable skas mode the host kernel had to be patched. As of September 2006, the latest version of the patch is called skas3. The patch is small but hasn’t been merged in the standard Linux tree. The official UML site has a page about skas mode that explains all these issues more thoroughly.

However, by July 2005 a new mode was added to UML in Linux 2.6.13 called skas0 (which, for some reason, isn’t explained in the above page). This new mode is very close to skas3: it provides the same security model and most of its speed gains. The main difference is that you don’t need to patch the host kernel, so you can use a skas-enabled UML in your Linux system without having to mess with the host kernel. The patch is explained in the 2.6.13 changelog or in this article.